Platform Security on the Enterprise Cloud

The Enterprise Cloud is a secure multi-instance cloud where we treat our customers’ data as if it was our own. We know we are responsible for the data that resides within every customer instance and we take the duty of securing this data very seriously. To secure data within an instance, we have developed multiple levels of platform security features. This blog post will not attempt to re-write our entire documentation on our security features but will highlight some important features used to secure data on the Enterprise Cloud.

Think of the security built into the Enterprise Cloud as a locked apartment building with cameras, multiple fences and other security measures. If someone leaves a window to an apartment open and unattended then the building security will provide limited protection from damage or theft.

Authentication

The first step in securing data is to make sure that only authenticated users can log in to an instance – similar to making sure that owners know who has a key to unlock their apartment. In a ServiceNow instance, the instance administrator has full control over users and passwords. Usernames and passwords can be configured in the instance itself, but most customers use an authentication mechanism where this information is held outside our cloud, in the enterprise datacenter.

Many enterprises integrate their instance with Active Directory Federation Services (ADFS) or Lightweight Directory Access Protocol (LDAP) to authenticate users. Another popular authentication method is to use Security Assertion Markup Language (SAML) for Single Sign-On (SSO), which makes it easier for users to log in to multiple systems without remembering multiple passwords. We also provide ways to integrate user logins with two-factor or multi-factor authentication tools that provide additional layers of enterprise security.

Authorization

Authorizing the functionality a user can use is another way to help secure a ServiceNow instance. Once a person has a valid key to an apartment, you may need to control where they can move, what they can see and whether they can change anything. On an instance, after a user is logged in, the platform provides rich functionality to authorize user actions.

The ServiceNow platform includes Role Based Access Control (RBAC) that allows the authorization of users by source IP address, by username or by groups of users. Authorization can be customized further using Access Control Lists to build simple or complex rules.

Encryption

We use encryption, a technology that makes data unintelligible to users who do not have the proper key, to secure instance data in flight and at rest. Using our apartment analogy, encryption is an additional level of security that encodes all the data in an apartment so that only people who have the proper decoding key can read it. All data in flight between a client browser and any ServiceNow instance is encrypted using Transport Layer Security (TLS), which is sometimes referred to by its old name, Secure Sockets Layer (SSL).

We encrypt data at rest by providing functionality to encrypt any text field on the platform using a private encryption key. We call this an encryption context; it is built on database column encryption. Each database column can be encrypted with a unique private key, but in practice most customers encrypt specific fields so that they are visible only to specific users or to users with certain roles. For example, an encryption context could restrict the ability to see an unencrypted field showing employees' home addresses to users with the Human Resources role.

You can encrypt data in an enterprise datacenter before it is sent to our cloud with ServiceNow Edge Encryption. Edge Encryption is a proxy application that resides in the enterprise network and encrypts data with a private key before sending it to an instance. The data remains encrypted while stored in the instance database. The encrypted data is sent back to the proxy application when requested and decrypted by the proxy before being sent to a client browser. Edge Encryption is used in the same use cases as encryption contexts, but there are limitations – the main one being that any data encrypted by Edge Encryption cannot be decrypted in our cloud platform and thus cannot be processed by back-end logic in an instance (there are some limited operations, such as equality and order preservation, that do operate on Edge Encrypted fields).
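To make the trade-off in that paragraph concrete, here is an added toy model of the proxy-side data flow; it is illustrative code written for this post, not ServiceNow's Edge Encryption implementation, and it does not model order preservation. It assumes a constructed key and constructed sample records, and uses an HMAC-based SIV-style construction in place of a real cipher: because equal plaintexts produce equal ciphertexts, the instance can match on equality without the key, but anything that needs the plaintext (here, parsing a city out of an address) cannot run in the instance. The flip side a defender should keep in mind is that deterministic encryption necessarily reveals which stored values are equal to each other.

```python
import hmac
import hashlib

def _prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

class EdgeProxy:
    """Proxy in the enterprise network: the only party that holds the key."""
    def __init__(self, key: bytes):
        self.mac_key, self.enc_key = _prf(key, b"mac"), _prf(key, b"enc")
    def _keystream(self, iv: bytes, n: int) -> bytes:
        # HMAC in counter mode as a toy stand-in for a real cipher keystream
        blocks = [_prf(self.enc_key, iv + i.to_bytes(4, "big")) for i in range(n // 32 + 1)]
        return b"".join(blocks)[:n]
    def encrypt(self, plaintext: str) -> str:
        # SIV-style: the IV is a MAC of the plaintext, so equal inputs give equal output
        pt = plaintext.encode()
        iv = _prf(self.mac_key, pt)[:16]
        ct = bytes(a ^ b for a, b in zip(pt, self._keystream(iv, len(pt))))
        return (iv + ct).hex()
    def decrypt(self, token: str) -> str:
        raw = bytes.fromhex(token)
        iv, ct = raw[:16], raw[16:]
        pt = bytes(a ^ b for a, b in zip(ct, self._keystream(iv, len(ct))))
        if not hmac.compare_digest(iv, _prf(self.mac_key, pt)[:16]):
            raise ValueError("ciphertext tampered or wrong key")
        return pt.decode()

class Instance:
    """Cloud side: stores what the proxy sends and never sees the key."""
    def __init__(self):
        self.rows = []
    def insert(self, name: str, home_address: str) -> None:
        self.rows.append({"name": name, "home_address": home_address})
    def find_by_address(self, home_address: str) -> list:
        # Equality matching works on ciphertext because encryption is deterministic
        return [r["name"] for r in self.rows if r["home_address"] == home_address]
    def city_of(self, name: str) -> str:
        # Back-end logic that parses the field only ever sees ciphertext
        row = next(r for r in self.rows if r["name"] == name)
        return row["home_address"].split(",")[-1].strip()

def demo():
    proxy, inst = EdgeProxy(b"constructed-demo-key"), Instance()  # constructed key
    for name, addr in [("alice", "1 Main St, Springfield"), ("bob", "1 Main St, Springfield"),
                       ("carol", "9 Elm Rd, Shelbyville")]:
        inst.insert(name, proxy.encrypt(addr))
    matches = inst.find_by_address(proxy.encrypt("1 Main St, Springfield"))
    readable = proxy.decrypt(inst.rows[0]["home_address"])
    return matches, readable, inst.city_of("alice")
```

`demo()` returns the two names that share an address (found by the instance on ciphertext alone), the decrypted address as the proxy hands it back to the browser, and the useless ciphertext fragment that instance-side parsing logic gets instead of a city.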

Securing your data on the Enterprise Cloud is necessary and can be accomplished using many of our platform security features. We have just started to explore this multi-faceted topic and will continue in our next blog post in the Enterprise Cloud series. Stay tuned!

Allan Leinwand

Allan Leinwand has built a reputation for managing the world’s most demanding clouds – in B2B and B2C. He is the chief technology officer at ServiceNow responsible for building and running the ServiceNow Enterprise Cloud – the second largest enterprise cloud computing environment on the planet. In this role, he is responsible for overseeing all technical aspects and guiding the long-term technology strategy for the company.
Before joining ServiceNow, Leinwand was chief technology officer – Infrastructure at Zynga, Inc. where he was focused on building one of the largest consumer cloud computing environments used in the delivery of the company’s social games to more than 80 million players daily. He got his start as a cloud pioneer at Cisco before “cloud computing” was a term and the idea of accessing applications from anywhere was still very new.
In addition to expertise in running large enterprise cloud computing environments, he also provides expertise in software engineering, quality engineering and product-market fit to companies including Spoke, Inc.; Bulletproof 360, Inc.; MapAnything, Inc.; Founders Circle Capital; and Kleiner Perkins Caufield & Byers. He is a Board member of Marin Software.
Leinwand has served as an adjunct professor at the University of California, Berkeley where he taught computer networks, network management and network design. He holds a bachelor of science degree in computer science from the University of Colorado at Boulder.

Thank you for posting this awesome article. I’m a long time reader but I’ve never been compelled to leave a comment. I registered your blog in my rss feed and shared it on my Twitter. I will come back for sure to check your future posts!